
Re: [Openvpn-users] Re: Mystery of Openvpn


  • Subject: Re: [Openvpn-users] Re: Mystery of Openvpn
  • From: Davis Goodman <davis.goodman@xxxxxxxxxxxx>
  • Date: Tue, 07 Dec 2004 10:27:07 -0500

Hi Rick,

Are you using the default settings for OpenVPN? For a couple of releases now the default port has been 1194. If so, you will have to adjust your settings in Shorewall.



Davis Goodman

Tibbs, Richard wrote:
Well, the short answer is yes. I am using a LEAF called Bering 1.2, and
yes I agree 2.4.20 is a bit long in the tooth, but 2.6 is a bit new. I
would like to wait until the stability of 2.6 is proven... I am sounding
like some kind of old woman even to myself, apologies for the politically
incorrect stmt.. ;-)

Anyway, the reason the answer is yes, is that I am using shorewall
(front end to iptables) with the following zones, interfaces, policies
and tunnels.
The below "should" work, but doesn't. The ACCEPT lines in the policy
should open ports 5000 but don't. Anybody have any ideas?

TIA, Rick.

/etc/shorewall/zones:
#zone display
net   Net
loc   Local 
vpn1 vpn-rw-ipsec
vpn3 wlan-openvpn

/etc/shorewall/interfaces
#zone interface
net	eth0
loc	eth1
vpn1	ipsec0
vpn3	tun0

/etc/shorewall/policy
loc	vpn1	ACCEPT
loc	vpn3	ACCEPT
vpn1	loc	ACCEPT
vpn3	loc	ACCEPT
net	all	DROP		ULOG
all	all	REJECT	ULOG

/etc/shorewall/tunnels
# TYPE		ZONE	GATEWAY	GATEWAY ZONE
ipsec			net	0.0.0.0/0	vpn1
openvpn		loc	192.168.1.3	vpn3


-----Original Message-----
From: openvpn-users-admin@xxxxxxxxxxxxxxxxxxxxx
[mailto:openvpn-users-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Ged
Haywood
Sent: Monday, December 06, 2004 2:26 PM
To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: [Openvpn-users] Re: Mystery of Openvpn

Hi there,

On Mon, 6 Dec 2004 Tibbs, Richard wrote:

  
WINXP ---WLAN----Linux 2.4.20 firewall+openvpn ----DSLmodem --- Internet
192.168.1.3     192.168.1.254

The symptom is that I cannot access any web page over the wireless while
openvpn on either firewall or xp is up. The route tables look right to
me, see below. But the log files on the firewall show some UDP
operations fail.
    

Have you opened a port for OpenVPN on the firewall?

Have you put OpenVPN on the firewall itself?  There are those who
would argue that it's not best practice.  And kernel 2.4.20 is getting
a bit long in the tooth now, if you don't mind my saying so... :)

73,
Ged.

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users



--

____________________________________
Davis Goodman
Manager, QA & Support

 

400 Isabey
Montréal (Québec)
Canada H4T 1V3

Tel. : 514.335.9867 #3279
Cell. : 514.994.7360
Fax : 514.333.9873
davis.goodman@algolith.com
www.algolith.com
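
The port check suggested in the reply above, as an added example that is not part of the original thread: it compares the port OpenVPN will use with the port each `openvpn` entry in the Shorewall tunnels file opens. The function names and sample files are constructed, and the value 5000 for a bare `openvpn` tunnel type is an assumption taken from the original poster's expectation.

```shell
#!/bin/sh
# Added example (not from the thread): does Shorewall open the UDP port that
# OpenVPN actually uses? Sample file contents below are constructed.

# Port OpenVPN uses: last "port"/"lport" directive in the config ($1), else
# its built-in default ($2; 1194 on recent releases, per the reply above).
openvpn_port() {
    awk -v def="$2" '
        { sub(/[#;].*/, "") }                     # strip comments
        $1 == "port" || $1 == "lport" { p = $2 }
        END { print (p != "" ? p : def) }' "$1"
}

# Port each openvpn entry in a tunnels file ($1) opens: the explicit
# "openvpn:PORT", else $2. ASSUMPTION: $2 is what the installed Shorewall
# opens for a bare "openvpn" type (the original poster expected 5000).
tunnel_ports() {
    awk -v def="$2" '
        { sub(/#.*/, "") }
        $1 == "openvpn" || $1 ~ /^openvpn:/ {
            n = split($1, t, ":")
            p = (n > 1 ? t[n] : def)
            print p, $2, $3                       # PORT ZONE GATEWAY
        }' "$1"
}

# Args: openvpn.conf, tunnels file, OpenVPN default, Shorewall default.
# Prints every mismatching tunnels entry; returns 1 if any was found.
check_ports() {
    want=$(openvpn_port "$1" "$3")
    tunnel_ports "$2" "$4" | (
        rc=0
        while read -r port zone gw; do
            [ "$port" = "$want" ] && continue
            echo "MISMATCH: OpenVPN uses $want but entry '$zone $gw' opens $port"
            rc=1
        done
        exit "$rc"
    )
}

# Constructed samples: a config with no port line, the thread's tunnels
# entry, and the same entry with the port pinned.
tmp=$(mktemp -d)
printf 'dev tun0\nifconfig 10.8.0.1 10.8.0.2\n' > "$tmp/openvpn.conf"
printf 'openvpn\tloc\t192.168.1.3\tvpn3\n' > "$tmp/tunnels.old"
printf 'openvpn:1194\tloc\t192.168.1.3\tvpn3\n' > "$tmp/tunnels.new"

check_ports "$tmp/openvpn.conf" "$tmp/tunnels.old" 1194 5000 || true
check_ports "$tmp/openvpn.conf" "$tmp/tunnels.new" 1194 5000 && echo "ports agree"
```

A mismatch can be resolved on either side: pin the port in the tunnels entry, or add an explicit `port` line to the OpenVPN config on both peers.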
